When it rains, it truly pours. The Android operating system has seen attack after attack on its security and privacy these past couple of months. Get ready for one more. Researchers from the ESET security software company have discovered an aggressive new ransomware that locks up your device with a PIN code you do not know and asks for a USD$500 bogus ransom.
This new ransomware has been dubbed Android/Lockerpin.A – where malware developers have stepped up their game in locking you out of your device. It used to be that one could use ADB to easily get rid of such malware (although it was still a major hassle). With this new type of ransomware, there is no effective way of regaining access except if you have root access (which most users don’t have), or a factory reset, which unfortunately deletes all your data.
The malware usually comes from warez and torrent sites and forums. It will attempt to have you install it – and thereby grant device admin privileges – by masquerading as an “update patch installation”. By pressing on continue, you will give the Trojan admin privileges and it can now lock the device with a PIN code you don’t know. After being locked out, the user will be prompted to pay a USD$500 ransom for allegedly viewing pornographic material, which is all bogus.
There is now way around the PIN code, and also no way to uninstall the malware because it protects itself from uninstallation with a recall code, which gives it the same admin rights if you try to delete it off your device. How do you protect yourself from this? Make sure you don’t visit these shady sites, and have an up-to-date malware protection.
SOURCE: ESET
Lol, or don’t agree to the permission?
Every single app that asks for admin explicity states what it can do.
You would be perfectly safe installing the ransomware and simply refuse the request to “Manage your lock screen and PIN” when it comes up.
Literally, why the fuck would you even need antivirus if you actually, you know, read?
As such, there’s a screen shot missing after you click Activate. It’s extremely misleading what’s happening. Lol